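CoreDNS Architecture
Resolution Flow
This setup uses the CoreDNS hosts plugin. The plugin supports only A, AAAA, and PTR records.
Edit the coredns ConfigMap in place; no restart is needed, because the Corefile enables the reload plugin.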
kubectl edit configmap coredns -n kube-system
apiVersion: v1
data:
  Corefile: |
    .:53 {
        errors
        health
        ready
        kubernetes cluster.local in-addr.arpa ip6.arpa {
          pods insecure
          fallthrough in-addr.arpa ip6.arpa
        }
        hosts {
          192.168.1.122 demo1.xx.com
          192.168.1.123 demo2.xx.com
          fallthrough
        }
        prometheus :9153
        forward . /etc/resolv.conf {
          prefer_udp
        }
        cache 30
        loop
        reload
        loadbalance
    }
kind: ConfigMap
metadata:
  labels:
    addonmanager.kubernetes.io/mode: EnsureExists
  name: coredns
  namespace: kube-system
Also note the forward plugin, which sets the upstream nameservers. It is what lets containers resolve external names through CoreDNS.
Here it points at the nameservers listed in the host's /etc/resolv.conf file.
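The hosts block overrides DNS answers for the whole cluster, and its fallthrough line is what lets names not listed there continue to the later plugins such as kubernetes and forward. The following is an added example, not part of the original post: a small audit of a Corefile's inline hosts entries against an allowlist. The function names and the `approved` allowlist are hypothetical; the Corefile text is a shortened copy of the one above.

```python
import ipaddress
import re

# Corefile excerpt shortened from the ConfigMap on this page.
COREFILE = """\
.:53 {
    kubernetes cluster.local in-addr.arpa ip6.arpa {
        fallthrough in-addr.arpa ip6.arpa
    }
    hosts {
        192.168.1.122 demo1.xx.com
        192.168.1.123 demo2.xx.com
        fallthrough
    }
    forward . /etc/resolv.conf
}
"""

def parse_hosts_block(corefile):
    """Return (entries, has_fallthrough) for the first inline hosts block."""
    m = re.search(r"^\s*hosts\b[^{\n]*\{(.*?)^\s*\}", corefile, re.S | re.M)
    if not m:
        return [], False
    entries, fallthrough = [], False
    for line in m.group(1).splitlines():
        tokens = line.split("#", 1)[0].split()  # drop comments
        if not tokens:
            continue
        if tokens[0] == "fallthrough":
            fallthrough = True
            continue
        try:
            ip = ipaddress.ip_address(tokens[0])
        except ValueError:
            continue  # other hosts options (ttl, reload, no_reverse)
        entries += [(str(ip), name.lower().rstrip(".")) for name in tokens[1:]]
    return entries, fallthrough

def audit(corefile, approved):
    """Report findings; approved is a hypothetical allowlist {name: ip}."""
    entries, fallthrough = parse_hosts_block(corefile)
    findings = []
    if entries and not fallthrough:
        findings.append("hosts block has no fallthrough: unlisted names stop here")
    for ip, name in entries:
        if approved.get(name) != ip:
            findings.append(f"unapproved override: {name} -> {ip}")
    return findings
```

Feed it the Corefile text taken from `kubectl get configmap coredns -n kube-system -o yaml` and compare the findings against the overrides you expect to exist.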
In addition, in Kubernetes the default dnsPolicy for a pod is not Default but ClusterFirst.
Note: "Default" is not the default DNS policy.
If dnsPolicy is not explicitly specified, then “ClusterFirst” is used.
"ClusterFirst": Any DNS query that does not match the configured cluster domain suffix,
such as "www.kubernetes.io", is forwarded to the upstream nameserver inherited from the node.